Hi All,
I need help on a priority issue we are facing.
We are using Adobe forms for capturing user details. After user fills the form and we send the form for processing in a slingRequest object to our handler servlet. We are facing a cross-site scripting issue where the request is being intercepted and modified before we send it to our handler servlet. We are applying XSS-protection for all attributed in the request, but the problem is, the request is not reaching the handler servlet. Is there a way i can apply XSS protection to slingRequest object itself so that i cannot be modified by malicious code. And then send the secure slingRequest object to handler.
Its a high priority production issue, please revert back soon.
Please provide code snippet in case you are helping with code.
Thanks in advance.